Privacy statement of Member register
Privacy statement – Member register of Aalto Beer Pong ry
This privacy statement complies with the EU General Data
Protection Regulation (GDPR).
1. Controller of the register
Aalto Beer Pong ry (ABP)
Jämeräntaival 6 C 319, 02150, Espoo
2. Person in charge of the register
Secretary Timo Norrkniivilä
[email protected]
3. Name of the register
Member register of Aalto Beer Pong ry
4. Legal basis and the purpose of gathering personal
information
The legal basis for gathering personal information, complying with the EU GDPR,
is the legitimate interest of the controller of the register.
The purpose of gathering personal information is the maintenance of a member
register, required by the Associations Act (503/1989), and keeping the contact
information of the members of the association to date.
5. Information in the register
The register will contain the following information:
- Full
name
- Municipality
of residence
- Email
address
- School
(If it is Aalto University: SCI/ENG/CHEM/ELEC/BIZ/ARTS)
The register does not contain information of people who are
not members of the association. This information is removed within a reasonable
timeframe when membership is terminated.
6. Regular sources of information
The information in the register comes from members who join or have already
joined the association via online www forms or email.
7. Handing over information and transferring information
outside of the EU or the EEA
The information in this register is not to be handed over to outside parties.
The information is not to be handed over or stored outside the European Union
or the European Economic Area.
8. Principles of protecting the register
The register is handled carefully. The information is stored only in electronic
format, in trustworthy servers operated by third parties, which complies with
the EU GDPR. The encryption of the register is done using own passwords of
Aalto Beer Pong ry. The information is only available to authorized persons of
Aalto Beer Pong ry. The controller of the register will ensure that access to
the register is only limited to the appropriate individuals.
9. Right to check and request for corrections in the
information
Each member who is in the register has the right to check their information
that has been saved in the register and demand for corrections if any
information is incorrect or missing. If the person wishes to see the
information the register has on them or requests for a correction, the request
must be sent to the controller of the register in writing. The controller of
the register can ask the sender of the request to verify their identity or to
specify the request. The controller of the register will answer the requesting
party within the time limit
specified by the GDPR (primarily within one month).
10. Retention period of the information in the register
The register shall contain information only of people who are members of Aalto
Beer Pong ry. Persons who quit or are expelled from the association will have
their information removed from the register within a reasonable timeframe, at
most within one month from the decision of expulsion or quitting. In special
cases, the information of the registered person can be stored longer, in which
case the registered person will be informed of the reason for the extension.